An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: No. Truly, spam isn't a technical problem, it's a social one. If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave, it would make vastly more difference than any possible technical changes. more

Edward Davidson, notorious spammer who had escaped from a minimum-security facility on Sunday has been found dead in Colorado, along with his wife and three-year-old child, in what is suspected to be a murder-suicide. Edward "Eddie" Davidson, 35, was serving 21 months in the minimum security facility in Florence, Colorado, for sending hundreds of thousands of spam emails. He had pleaded guilty to tax evasion and falsifying email headers. It was estimated that Davidson made at least $3.5 million from spamming activities through his company Power Promoters between 2003 and 2006. more

A recent report by iDefense Labs estimates that there have been 66 distinct spear phishing attacks between February 2007 and June 2008, with the rate of attacks continuing to accelerate. Spear phishing groups have claimed more than 15,000 corporate victims in 15 months, with victim losses exceeding $100,000 in some cases. Victims include Fortune 500 companies, financial institutions, government agencies, and legal firms. more

Robert Soloway, dubbed the "Spam King", who was charged with defrauding people through tens of millions of spam has been given four years in prison for mail fraud, electronic mail fraud, and failing to file a tax return. According to recent reports, federal prosecutors allege that from November 2003 to May 2007, Soloway sent tens of millions of email messages to advertise his company, which offered software to send out broadcast emails. For $495 customers could have an ad sent to 20,000,000 emails, or receive software allowing them to send up to 80,000,000 e-mails. Judge Marsha Pechman said laws governing Spam are very new territory for the courts, and the CAN-SPAM Act allows for only a maximum sentence of only five years. more

According to the most recent MessageLabs Intelligence monthly report, Switzerland has become the most spanned nation. From the report: "In June, Switzerland leapfrogged Hong Kong as the most spammed country with levels reaching 84.8% of all email. Many countries received a slight decrease in spam levels, with a few increases elsewhere, for example, spam in UAE rose by 7.4%, the highest increase this month. Spam levels in the US reached 68.8% in June, 77.8% in Canada and 74.3% in the UK. Germany's spam rate reached 73.5% and 73.2% in the Netherlands. Spam levels in Australia were 66.9%, 76.6% in China and 70.7% in Japan." more

They say (whoever "they" are) that good things come in threes, and that certainly seems true for law enforcement against spammers this week. In New York, Adam Vitale was sentenced to 30 months in prison and ordered to pay $183,000 in restitution for a week of spamming AOL back in 2005... In Illinois, an FTC settlement requires Spear Systems and company executives Bruce Parker and Lisa Kimsey to give up $29,000, stop making "false or unsubstantiated claims about health benefits" of their products, and bars them from violating CAN-SPAM ever again... And finally, in Seattle, the Robert Soloway case continues... more

Testimony received during the sentencing hearing for notorious spammer Robert Alan Soloway has offered an inside look at the big business of online fraud. Although anti-spam efforts implemented by ISPs have deterred many small-time spammers, sophisticated players remain active and they have developed tools to make their efforts easier. From the stand on Monday, investigators revealed some of the techniques that Soloway allegedly used to send out massive amounts of email. After the government seized Soloway's computer servers, investigators found files with as many as 10 million email addresses on each server along with Dark Mailer software on each server. more

Notorious spammer Robert Alan Soloway is scheduled to be sentenced on Monday by the U.S. District Court in Seattle after pleading guilty to single counts of mail fraud, e-mail fraud, and tax evasion. The long list of individuals testifying in federal court for the sentencing of the so-called 'King of Spam' has resulted in an unusual two-day hearing which began on Friday. Soloway is the second person to be convicted of criminal spamming under the 2004 "Can-Spam" law. more

Google has recently announced that it has succeeded in working with eBay and PayPal, also owned by eBay, to fight phishing by using authentication standards DomainKeys and DomainKeys Identified Mail (DKIM). According to Google, this is the main tool used by Gamil to keep spam out of its inboxes. However, Brad Taylor, Google's Software said in a blog post, that "these systems can only be effective when high volume senders consistently use them to sign their mail -- if they're sending some mail without signatures, it's harder to tell whether it's phishing or not. Well, I'm happy to announce today that by working with eBay and PayPal, we're one step closer to stopping all phishing messages in their tracks." Google hopes this will set a good example for other organizations to follow suit and work towards making email trustworthy. more

The spam attacks which occurred this weekend and claimed to have come from Microsoft, are reported to have used Amazon's Elastic Compute Cloud (EC2) servers. Brian Krebs of Washington Post's Security Fix has investigated this issue -- from the report: "...to spammers and scammers accustomed to paying for all kinds of Web services with stolen credit cards, Amazon's service is another place to host their junk, said Suresh Ramasubramanian, head of anti-spam operations at Outblaze, a Hong Kong-based outfit that has listed all of Amazon's EC2 Internet space on its spam blacklists..." Also reported: "Anti-spam group Spamhaus also has flagged a large swath of Amazon's EC2 Internet address space on its "policy blocklist," which subscribers use to block e-mail from dynamic Internet addresses..." more

A major antispam organization is pushing a set of new best practices for ISPs to stop increasing volumes of spam from botnets. The guidelines, from the Messaging Anti-Abuse Working Group (MAAWG), were drawn up at a meeting in Germany last week and deal with forwarded email and email that is sent from dynamic IP addresses. From MAAWG's news release issued yesterday... more

The majority of the Internets malware-infected websites are located on Chinese networks, finds a new report released today by StopBadware.org, the university-based research initiative aimed at protecting users from dangerous software. The report also identifies the 10 network blocks that contain the largest number of badware sites. Six of the 10 are located in China. more

A lawyer for Jeremy Jaynes, a man once considered one of the world's most prolific email spammers, has urged the Virginia Supreme Court to strike down a state anti-spam law, arguing it violates free speech protections under the First Amendment. more

ICANN has made an official announcement following earlier reports which suggested domain names registered by most spam sites where linked to a handful of domain registrars. From the ICANN Annoucement: "ICANN has sent enforcement notices and notices of concern to certain registrars, including those reported this week as being the registrars for the majority of websites advertised in spam emails... more